User Authentication Using a Portable Mobile Device

1. A method of authenticating a user, the method comprising: receiving in a user computer a service session information from a service provider system being accessed by the user computer; receiving in the user computer a sign-in information from a device provisioning system that identifies a registered user of a portable mobile device based on a unique device identifier of the portable mobile device; generating combined data in the user computer by combining in the user computer the sign-in information received by the user computer from the device provisioning system and the service session information received by the user computer from the service provider system; receiving the sign-in information in the portable mobile device, the sign-in information being received by the portable mobile device from the combined data received by the portable mobile device from the user computer; and providing the sign-in information and the unique device identifier of the portable mobile device from the portable mobile device to the device provisioning system, wherein the sign-in information comprises a device provisioning system session information that identifies a session for receiving the sign-in information from the device provisioning system.

2. The method of claim 1 further comprising: in the service provider system, allowing the user computer access to the remote online service based on an identity of the registered user of the portable mobile device.

3. The method of claim 2 wherein the identity of the registered user of the portable mobile device is a user identifier (ID).

4. The method of claim 1 wherein the combined data comprise displayable code that is displayed on a display window of the user computer and the portable mobile device receives the combined data by taking a picture of the displayable code using a camera of the portable mobile device.

5. The method of claim 1 wherein the service session information identifies a session for accessing the remote online service provided by the service provider system.

6. The method of claim 1 wherein the portable mobile device comprises a smartphone, and the sign-in information is received by the smartphone from the user computer using a built-in camera of the smartphone.

7. A system for authenticating a user, the system comprising: a service provider system that receives an access request from a user computer over a first Internet connection, receives information about an identity of a user from a device provisioning system over a second Internet connection, and provides access to a its remote online service to the user computer when the user is an authorized user based on the information about the identity of the user received from the device provisioning system; the user computer that sends a request to access the remote online service over the first Internet connection, receives the a sign-in information from the device provisioning system over a third Internet connection, receives a service session information from the service provider system over the first Internet connection, generates combined data comprising the sign-in information and the service session information, provides the sign-in information to the a portable mobile device over a communications channel, and accesses the remote online service after the service provider system determines that the user is as an authorized user; the portable mobile device that receives the sign-in information from the combined data generated by the user computer and provides the sign-in information and a unique device identifier to the device provisioning system over a fourth Internet connection, the unique device identifier uniquely identifying the portable mobile device; and the device provisioning system that provides the sign-in information to the user computer over the third Internet connection, receives the sign-in information and the unique device identifier from the portable mobile device over the fourth Internet connection, and informs the service provider system over the second Internet connection an identity of the user based on the portable mobile device, wherein the sign-in information comprises a device provisioning system session information that identifies a session for receiving the sign-in information from the device provisioning system.

8. The system of claim 7 wherein the identity of the user is a user identifier (ID) provided by the device provisioning system to the service provider system based on the portable mobile device.

9. The system of claim 7 wherein the service session information identifies a session for accessing the remote online service provided by the service provider system.

10. The system of claim 7 wherein the portable mobile device comprises a smartphone, and the smartphone receives the sign-in information from the user computer by way of a built-in camera of the smartphone.